CVE-2024-22295

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jan 31, 2024

Updated: Feb 6, 2024

CWE ID 79

Summary

CVE-2024-22295 is a Cross-site Scripting (XSS) vulnerability affecting the Photo Gallery, Images, Slider component of Rbs Image Gallery. The issue stems from improper neutralization of user input during web page generation. An attacker can exploit this vulnerability to inject malicious scripts into a victim's web browser and potentially steal sensitive information or take control of their account. This issue impacts all versions of the Rbs Image Gallery from n/a to 3.2.17. Users are advised to upgrade to a patched version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Robogallery Robo Gallery

Affected Vendors

Robo Gallery

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uE2M4X
https://www.cve.org/CVERecord?id=CVE-2024-22295
https://nvd.nist.gov/vuln/detail/CVE-2024-22295

Back to Vulnerability Database